No citation, but IIRC the tinc 1.0 branch has little/no protection against replay attacks, at least in UDP mode.
I recall the 1.1 branch improving the protocol in this regard, though it's been a long time since I looked, and I can't vouch for its overall security. I'm surprised it hasn't been officially released yet; the branch was cut over a decade ago! (Also a little annoyed; I contributed improvements to tincctl back then, and they still haven't been released...)
I recall the 1.1 branch improving the protocol in this regard, though it's been a long time since I looked, and I can't vouch for its overall security. I'm surprised it hasn't been officially released yet; the branch was cut over a decade ago! (Also a little annoyed; I contributed improvements to tincctl back then, and they still haven't been released...)